Product Spotlight - WholeSecurity Confidence Online™
Description
"Confidence Online Enterprise Edition OnDemand offers on-demand protection for all users logging into the network via remote access technologies, like SSL VPNs, Citrix® MetaFrame® Access Suite, and Web mail. To do so, Confidence Online employs ActiveX® and Netscape® plug-ins to distribute the software the first time a user logs in from a particular computer or device - making endpoint, on-demand security a reality. After the initial download, Confidence Online scans the endpoint machine to identify any malicious eavesdropping and remote control software on the system and then takes action based on the configuration set by the IT manager, which can range from reporting and disabling to permanently quarantining the threat. Additionally, Confidence Online ensures compliance with additional security policies, such as having antivirus software turned on." (Source: WholeSecurity)
What it does
Confidence Online's patent-pending core technology can detect known and unknown eavesdropping threats, including Trojan horses, remote controls, network-enabled keystroke loggers, and worms. Using a behavioral detection method that is more effective than signature-based solutions, Confidence Online provides zero-hour protection against new threats, eliminating the need for time-intensive signature updates and ensuring that your enterprise is not impacted by the latest worm infections or eavesdropping attacks.
- Before users can log-on to an SSL VPN gateway, Confidence Online
OnDemand ensures that backdoor programs are NOT running on their endpoint
computers.
- WholeSecurity has demonstrated that Confidence Online (1) detected
every major worm in 2003-2004 without any updates and (2) detected
100% of all previously unknown Trojan horses in an independent lab
test when leading anti-virus products only identified 35% with completely
updated signature files.
How it Works
Confidence Online executes thousands of tests on all active computer processes to identify behavior consistent with malicious code. If such code is detected, the offending process can be terminated, quarantined and reported.
Admin Perspective
- An administrator can install and configure Confidence Online on
a server (Windows 2000/2003 Server, FreeBSD, or Solaris) in less than
a day. The product works out of the box. There is no baselining or
other intensive configuration work required for roll-out in an new
environment.
- The primary on-going administrator tasks are periodic monitoring of the WholeSecurity Management Console. Unlike typical IDS systems, the number of alerts is small and directly correlated with the number of infections. Customers with more than 10,000 seats claim only a few hours of maintenance per month.
User Perspective
- The user can be accessing the SSL VPN gateway from any computer that
runs either Internet Explorer or the Netscape, Mozilla or Firefox browsers.
For IE an ActiveX control is used. The Mozilla-based browsers rely on a
Netscape Plug-In. (Note: supported operating systems include Windows 98/ME/NT
4.0/2000/XP)
- The user enters the URL of the SSL VPN Gateway and is automatically
re-directed to the Confidence Online server.
- The On-Demand client is automatically downloaded in 10 seconds,
or less - without any user intervention. And the user never
needs to "update" the On-Demand client.
- Once the computer is scanned, the user is re-directed to the SSL VPN gateway and receives an authentication screen.
Compatibility/Integration with SSL VPN Gateways
Confidence Online is built to work with leading SSL VPN solutions out of the box. Other solutions or web-based applications might require straightforward integration work.
Additional Information
WholeSecurity White Paper: Zero-Hour Protection for Managed and Unmanaged Endpoint PC